{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T05:01:41.803","vulnerabilities":[{"cve":{"id":"CVE-2021-34431","sourceIdentifier":"emo@eclipse.org","published":"2021-07-22T14:15:08.050","lastModified":"2024-11-21T06:10:23.867","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker."},{"lang":"es","value":"En Eclipse Mosquitto versiones 1.6 hasta 2.0.10, si un cliente autenticado que se había conectado con MQTT versión v5 enviaba un mensaje CONNECT diseñado al broker, ocurriría una pérdida de memoria, que podría ser usada para proporcionar un ataque DoS contra el broker"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6","versionEndIncluding":"2.0.10","matchCriteriaId":"1509006C-01A1-4D8F-81AF-B02F11464F06"}]}]}],"references":[{"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191","source":"emo@eclipse.org","tags":["Mailing List","Vendor Advisory"]},{"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}